1. Intelligent Advisor REST APIREST API for Intelligent Advisor 24B
  2. Use Cases
  3. Using the Audit REST API

Using the Audit REST API

The audit entries REST API provides the ability to retrieve all audit entries or a single audit entry.

An audit entry contains information about a security event or a successful operation that occurred in Intelligent Advisor Hub.

Only a Hub Administrator can access the Audit REST API.

GET All Audit Entries

Retrieves all audit entries from latest to earliest.

The request URL looks like:

opa-hub/api/12.2.13/audit-entries

The response is an HTTP 200 response.

Example GET All Audit Entries response:

{
    "items": [
        {
            "auditId": 5,
            "auditDateTime": "2018-09-07T14:03:42Z",
            "authenticationId": 1,
            "authenticationName": "admin",
            "description": "Deployed version 1 of deployment snapshot 'HealthyEating'",
            "objectType": "Deployment Version",
            "objectId": 1,
            "operation": "Create",
            "outcome": true,
            "details": "{\"date\":\"2018-09-07T14:03:41Z\",\"opaVersion\":\"12.2.13\",\"activeVersionFlag\":true,\"addedBy\":\"admin\",\"versionNo\":1,\"description\":\"Ad hoc project 'HealthyEating'. initial deployment\"}",
            "links": // ...
        },
        {
            "auditId": 4,
            "auditDateTime": "2018-09-07T14:03:42Z",
            "authenticationId": 1,
            "authenticationName": "admin",
            "description": "Created deployment 'HealthyEating'",
            "objectType": "Deployment",
            "objectId": 1,
            "operation": "Create",
            "outcome": true,
            "details": "{\"compatibilityMode\":\"latest\",\"collections\":[\"Default Collection\"],\"serviceURLs\":{\"interview\":\"https://mysite.example.com/web-determinations/startsession/HealthyEating\"},\"name\":\"HealthyEating\",\"services\":[\"interview\"]}",
            "links": // ...
        },
        {
            "auditId": 3,
            "auditDateTime": "2018-09-07T14:03:37Z",
            "authenticationId": 1,
            "authenticationName": "admin",
            "description": "Login succeeded by user 'admin'",
            "objectType": "User",
            "objectId": 1,
            "operation": "Login",
            "outcome": true,
            "links": // ...
        },
        {
            "auditId": 2,
            "auditDateTime": "2018-09-07T13:59:59Z",
            "authenticationId": 1,
            "authenticationName": "admin",
            "description": "Acquired bearer token for 'admin'",
            "objectType": "Bearer Token",
            "operation": "Read",
            "outcome": true,
            "links": // ...
        },
        {
            "auditId": 1,
            "auditDateTime": "2018-09-07T13:59:17Z",
            "authenticationId": 1,
            "authenticationName": "admin",
            "description": "Login succeeded by user 'admin'",
            "objectType": "User",
            "objectId": 1,
            "operation": "Login",
            "outcome": true,
            "links": // ...
        }
    ],
    "links": // ...
}

Paging is supported by GET ALL Audit Entries. It allows retrieval of audit entries per page size. The default and maximum page size is 500.

If there are more audit entries than the page size, there will be a link named nextPage in the JSON response for retrieving the next page of audit entries. If the user has retrieved a page of audit entries using the nextPage link, a link named previousPage will be available in the JSON response for retrieving the previous page of audit entries.

Example links, when audit entries were retrieved from page 2:

    "links": [
        {
            "rel": "self",
            "href": "https://mysite.example.com/opa-hub/api/12.2.13/audit-entries?offset=1&limit=1&snapshot=6"
        },
        {
            "rel": "canonical",
            "href": "https://mysite.example.com/opa-hub/api/12.2.13/audit-entries"
        },
        {
            "rel": "parent",
            "href": "https://mysite.example.com/opa-hub/api/12.2.13"
        },
        {
            "rel": "describedBy",
            "href": "https://mysite.example.com/opa-hub/api/12.2.13/metadata-catalog/audit-entries"
        },
        {
            "rel": "previousPage",
            "href": "https://mysite.example.com/opa-hub/api/12.2.13/audit-entries?limit=500&snapshot=1501"
        },
        {
            "rel": "nextPage",
            "href": "https://mysite.example.com/opa-hub/api/12.2.13/audit-entries?offset=1000&limit=500&snapshot=1501"
        }
    ]

The following optional URL query parameters are supported:

Parameter Description Minimum Maximum
limit Number of audit entries per page 1 500
offset Number of audit entries to skip from the first audit entry 0 Number of audit entries -1

GET Audit Entry

Retrieves an audit entry using its auditId.

The request URL looks like:

opa-hub/api/12.2.13/audit-entries/{audit-entry-id}

The response is an HTTP 200 response.

Example of getting the earliest audit entry:

opa-hub/api/12.2.13/audit-entries/1 

{
    "auditId": 1,
    "auditDateTime": "2018-09-07T13:46:48Z",
    "authenticationId": 1,
    "authenticationName": "admin",
    "description": "Login succeeded by user 'admin'",
    "objectType": "User",
    "objectId": 1,
    "operation": "Login",
    "outcome": true,
    "links": // ...
}